3

Most applications do need to be installed by admin because, I believe, they need access to system resources or files otherwise protected from accessing or modifying.

At the same time, for example, Netbeans or Aptana do not need to be installed by an admin (both use JavaRE).

So, three questions:

1) Is there any more or less general method of installing applications from a repository without using sudo by a non-admin user for her only use? At least those applications that do not require anything special to work.

2) What other applications/games etc. that do not require to be installed by admin do you know? (I have no idea how broad this question is.)

3) When a Java-based application is installed by a non-admin user, does it (JavaRE) give the application access to any system files/resources etc. otherwise protected from modifying? I would think no, but at the same time Java was installed by admin, and during installation it may have granted itself access to some resources.

Bruno Pereira
  • 73,643
Vadim
  • 1,378

1 Answers1

6

deb/dkpg packages require root to be installed. This is as much to protect the machine and its other users from harm as it is to protect the software from the users. (that made sense in my head!) This is technically the case becuase the whole apt/dpkg database is owned by root.

Sidebar: These days you can install and update things without root because of a permissions framework called PolicyKit that is similar to sudo/sudoers for graphical interfaces.

But there's no reason you can't have a local repository in another format. Desura (a Steam-a-like) manages your game installations. Eclipse can manage its own plugins and update them. Firefox for plugins. They're all repositories in their own way.

You don't have to install most software. If you can download it, most can be extracted, compiled (if it needs it) and run. You don't have to jump through the packaging steps.

Plenty of games come in .run installers. If you run these as root, it'll install the game into /opt/ or /usr/local/games/, etc but otherwise it'll install into your home directory.

As for your third question, no. It can only modify what the user can modify. And the same goes for a root-installed Java (or other) application. Unless it runs through a crazy setuid process, it can only access what the user can access. Just because the executable may is owned by root, doesn't mean it runs as root.

Oli
  • 293,335
  • Thanks, Oli. May be I should have been more clear about possible use cases. On my computer I have one su (weekly updates etc.) and other regular users. Ideally, those users should be able to install whatever they want locally in their home directories. From your answer to the third part of my question I conclude that there is no real risk of installing programs this way (whatever they want). But, of course, they can still ruin their own local files or programs (there is no way to protect from this). However, I do not see any clear way to give them some general instructions on how to do this. – Vadim Dec 16 '11 at 06:57
  • It might be safer to just let them use the Software Center. At least then there's a chance they'll get security updates. I'm asking a follow-up question to see if you could limit what users install if you allowed them all to use the Software Center. – Oli Dec 16 '11 at 12:40